Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
13573 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2005-1042 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2024-08-07 | N/A |
Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count. | ||||
CVE-2005-1038 | 2 Paul Vixie, Redhat | 2 Vixie Cron, Enterprise Linux | 2024-08-07 | N/A |
crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235. | ||||
CVE-2005-0990 | 2 Gnu, Redhat | 2 Sharutils, Enterprise Linux | 2024-08-07 | N/A |
unshar (unshar.c) in sharutils 4.2.1 allows local users to overwrite arbitrary files via a symlink attack on the unsh.X temporary file. | ||||
CVE-2005-0965 | 2 Redhat, Rob Flynn | 2 Enterprise Linux, Gaim | 2024-08-07 | N/A |
The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read. | ||||
CVE-2005-0966 | 2 Redhat, Rob Flynn | 2 Enterprise Linux, Gaim | 2024-08-07 | N/A |
The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions. | ||||
CVE-2005-0977 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-08-07 | N/A |
The shmem_nopage function in shmem.c for the tmpfs driver in Linux kernel 2.6 does not properly verify the address argument, which allows local users to cause a denial of service (kernel crash) via an invalid address. | ||||
CVE-2005-0967 | 2 Redhat, Rob Flynn | 2 Enterprise Linux, Gaim | 2024-08-07 | N/A |
Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read. | ||||
CVE-2005-0953 | 2 Bzip, Redhat | 2 Bzip2, Enterprise Linux | 2024-08-07 | N/A |
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete. | ||||
CVE-2005-0867 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-08-07 | N/A |
Integer overflow in Linux kernel 2.6 allows local users to overwrite kernel memory by writing to a sysfs file. | ||||
CVE-2005-0891 | 2 Gnome, Redhat | 2 Gtk, Enterprise Linux | 2024-08-07 | 7.5 High |
Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted BMP image. | ||||
CVE-2005-0941 | 2 Openoffice, Redhat | 2 Openoffice, Enterprise Linux | 2024-08-07 | N/A |
The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a DOC document with certain length values, which leads to a heap-based buffer overflow. | ||||
CVE-2005-0937 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-08-07 | N/A |
Some futex functions in futex.c for Linux kernel 2.6.x perform get_user calls while holding the mmap_sem semaphore, which could allow local users to cause a deadlock condition in do_page_fault by triggering get_user faults while another thread is executing mmap or other functions. | ||||
CVE-2005-0815 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-08-07 | N/A |
Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem. | ||||
CVE-2005-0767 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-08-07 | N/A |
Race condition in the Radeon DRI driver for Linux kernel 2.6.8.1 allows local users with DRI privileges to execute arbitrary code as root. | ||||
CVE-2005-0806 | 2 Redhat, Ximian | 2 Enterprise Linux, Evolution | 2024-08-07 | N/A |
Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames. | ||||
CVE-2005-0839 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-08-07 | N/A |
Linux kernel 2.6 before 2.6.11 does not restrict access to the N_MOUSE line discipline for a TTY, which allows local users to gain privileges by injecting mouse or keyboard events into other user sessions. | ||||
CVE-2005-0765 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2024-08-07 | N/A |
Unknown vulnerability in the JXTA dissector in Ethereal 0.10.9 allows remote attackers to cause a denial of service (application crash). | ||||
CVE-2005-0763 | 2 Midnight Commander, Redhat | 2 Midnight Commander, Enterprise Linux | 2024-08-07 | N/A |
Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code. | ||||
CVE-2005-0760 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2024-08-07 | N/A |
The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file. | ||||
CVE-2005-0755 | 2 Realnetworks, Redhat | 5 Helix Player, Realone Player, Realplayer and 2 more | 2024-08-07 | N/A |
Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file. |